
We found results for “”
CVE-2023-6780
Good to know:

Date: January 31, 2024
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
Language: C
Severity Score
Related Resources (12)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version cross-localedef-native - 2.31;cross-localedef-native - 2.31+gitAUTOINC+1094741224_cd9f958c4c;cross-localedef-native - 2.31+gitAUTOINC+3ef8be9b89_cd9f958c4c;cross-localedef-native - no_fix;glibc-initial - 2.25;glibc-testsuite - 2.31;glibc-testsuite - no_fix;glibc - no_fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | LOW |